Comment by retox
8 years ago
Does this strike anyone else as suspicious? To my mind she's either incompetent or she intended to become a martyr.
Third possibility: that she suspected she'd be caught regardless, and decided that releasing this specific information publicly was more important than her personal freedom.
Fourth possibility: that the NSA did use the forensic marks in question to identify her, and fabricated a parallel construction in order to avoid acknowledging the existence of said marks.
(But still, most likely this is Hanlon's Razor. What's there to be suspicious about?)
> order to avoid acknowledging the existence of said marks
Not likely. It's been common knowledge for a long time.
The EFF has been covering this for a while, and in 2015, released a list of printers that do/do not display tracking dots [1].
[1] https://www.eff.org/pages/list-printers-which-do-or-do-not-d...
The reporting on this everywhere besides tech sites has completely left this part out. It's not common knowledge to a lot of people.
I was just speaking to a co-worker about this and they didn't know about the dots. Anecdotal as always, but we shouldn't take for granted that everyone is aware of this.
Not that common, and intelligence institutions often have policies not to acknowledge things that are known to be true. I think that not discouraging people from mailing printouts when they don't want to be identified is a good enough reason to pretend that they didn't just read all the info they needed from the printout itself.
Firstly, you can't use Hanlon's Razor and NSA in the same sentence.
Secondly, often assuming just a tiny bit of malice can account for layers and layers of stupidity. Occam's razor is sharper :)
Can you use Hanlon's Razor and FSB in the same sentence? Maybe The Intercept's opsec is perfectly fine as long as your leak doesn't involve Russia.
Five: someone wanted her out and framed her.
Six: she was a weak security link and someone used her access details without permission.
Seven: someone with sysadmin privileges sent mail from her account, having printed the document from six accounts and only managing to get to "her" printer before loose documents were destroyed.
Her background, according to the Guardian, is former Air Force and being fluent in Middle Eastern languages. None of that indicates that she would be especially knowledgeable of how access logs are implemented. I mean, she should have given the NSA the benefit of the doubt given the massive clusterfuck caused by Snowden 3+ years ago. But even today, we see reports of massive data incompetence by Booz Hamilton (Snowden's employer) top secret contractors: http://gizmodo.com/top-defense-contractor-left-sensitive-pen...
The whole idea of 'top secret contractors' is wrong to begin with. You can't have people access information at that level without making them part of your culture. If you take that risk then there is a fair chance your 'top secret' is in fact 'public domain'.
It's not about whether someone is a contractor or a full time government employee. Contractors work on the government site just as much as FTEs, receive the same security training, and are indoctrinated into the same culture.
The problem is inadequate access control to classified materials. There tends to be a lot of information that people can access without a need to know, that is not rigorously tracked and locked down. This means that someone looking to steal or leak can get their hands on a lot of stuff they shouldn't without raising suspicions if they're not stupid about it.
The reason we may be seeing a number of spillage incidents with contractors is simply because there are a lot of contractors working at government agencies. In IT a lot of the time contractors outnumber government people by a significant margin.
Yeah, America has not only had an over-classification problem, but it's been inundated with contractors with unnecessary top clearances. The Washington Post had a great investigation back in 2010 cataloguing the sheer size and complexity of America's security and intelligence system:
http://projects.washingtonpost.com/top-secret-america/
Some findings:
> Some 1,271 government organizations and 1,931 private companies work on programs related to counterterrorism, homeland security and intelligence in about 10,000 locations across the United States.
> An estimated 854,000 people, nearly 1.5 times as many people as live in Washington, D.C., hold top-secret security clearances.
> Analysts who make sense of documents and conversations obtained by foreign and domestic spying share their judgment by publishing 50,000 intelligence reports each year - a volume so large that many are routinely ignored.
> Does this strike anyone else as suspicious?
What is suspicious about it?
This isn't 4chan. Present some evidence but don't just make up random speculation that "could have happened".
I mean it's possible to come up with elaborate theories, but the most likely explanation is that she was just spectacularly stupid.
> or she intended to become a martyr
I'm not sure being this dumb is going to get much sympathy from anyone.
Not stupid, it is just hard to not get caught. Once you see how someone is caught you can say "oh of course I'd never do that", but you'd probably make some other mistake.
Could she and should she have taken better precautions? Without a doubt. Would the average intelligence analyst who is not being coached by a foreign power do a better job? I doubt it. In fact many foreign spies have done a far worse job and not been caught immediately. This is because the intelligence they stole was not published. Being a source of a journalist is much harder than being a source for a foreign power.
I agree it's hard not to get caught. But this was just giving it away.
She's 25 years old and worked in that job for a few months, not a security specialist or some super-spy.
Well, that's one way to look at it. The other is that NSA's internal security is so botched that a fresh-out-of-school 3 months on the job external contractor managed to outfox the NSA's security measures. What she did should not have been possible in the first place.
Or that she was a convenient, not long-term career person, to make a cool deal to appear as somebody leaking the document against NSA's will.
From what's publicly known, the email to The Intercept related to their podcast, of which she supposedly was a listener and not to the matter at hand.
Are we only permitted to consider 2 choices here or is it permissible to consider the other obvious possibilities?
I don't get it. So she printed the document, then scanned in order to email it?
It sounds more like she contacted the Intercept just to tell them she had some documents and where should she (physically) mail them.
Details, details. /s
Agreed. Whenever I leak, I make sure to pin it on some derp. Throws them off my trail so I don't end up like Manning. As for the derp, she'll get a book deal which is more than she ever had going for her.
(Kind of annoyed that the derp became the story while the actual leak never made the front page.)
As an aside, how else would one sneak top-secret stuff out of the NSA ? I assume all IO ports have been cut, and the input devices soldered onto the motherboard ?
Send some xor-ed file out using a non-secure connection and sneak the key out somehow ?
Take photographs/video using the phone, cold-war style ?
Without having visited the site in question, the underlying theme is that you, as the security people, have to choose your battles because employees start to get very upset when you make their jobs difficult in order to show them how little you trust them.
> Send some xor-ed file out using a non-secure connection and sneak the key out somehow ?
Stray thought: You don't have to sneak an OTP out, you only need to sneak it in. Then you do your XORing, transmit the mangled data, and erase that copy of the key.
Taking photographs on an (offline) phone is probably the safest and easiest way to go about it. Obviously no flash, if you can't do it in non-monitored environments make it look like you're just looking at your phone. Go home, take pics out of device, delete them and destroy the phone.
This said, it's been reported some contractors and employees routinely took home loads of external drives, so your expectation that IO ports are completely disabled might be unrealistic; the NSA is good but it's just another large org, just a bit more paranoid than average.
Phones aren't allowed in SCIFs (the facility she worked in).
Hard drives labeled unclassified can be removed from those facilities with special permission but I think hard drives are under more scrutiny nowadays.
You can't just "look at your phone" while processing classified information. It's highly forbidden to even have a phone in your possession while processing classified information.